Page 1 of 1

PostPosted: Mon Mar 19, 2007 9:46 pm
by EURO_Snoopy
Spambot, he's gone now, pls check his sig links, that's how to spot the buggers ;)

PostPosted: Mon Mar 19, 2007 10:43 pm
by MaXMhZ
Oops didn't spot those :oops:
I've removed the links - my IP blocker/firewall alert went off.
Firefox was trying to send data out to one of the info sites linked after I clicked them (I was on another site at the time, several minutes later)...
time for a malware scan I guess lol
NOD32 and ZoneAlarm kept silent but my NetPeeker kicked in and blocked it right away - lousy support for NetPeeker, but I wouldn't want to miss it.
I'm getting a list of 11 IP addresses with 1 post he posted from when I check the IP.

PostPosted: Tue Mar 20, 2007 9:44 am
by EURO_Snoopy
I had one of these sods try to install a key logger the other day. The worrying thing is that other sites using this system are not very dilligent in deleting spam posts the possibilities of infection are scary to say the least. Most (one notable exception) other boards have spam problems too, even the ones you pay for.

Rather than click the link in a suspected post I run the pointer over it or check properties and see what it links to, 9 times out of ten you will see in the link suspect words which are a dead giveaway.

If the link is suspicious you can delete it, if you're not sure you could possibly find out more about the site via google, thats the way I check them.

PostPosted: Tue Mar 20, 2007 7:26 pm
by MaXMhZ
Agreed. Some of these creeps are very cunning in conceiling their malware though. I've had it occur several times when checking new users through the members list that their WWW link instantly tried to install malware... It seems to me Zone|Alarm and NOD32 shields are not that good. Most of the time they were stopped by either Protowall or Net-Peeker (both IP blockers).
I have Net-Peeker's simple firewall set to 'Learning' mode, which means I have to give explicite allowance for anything to download if the application or remote site are not allowed yet. Protowall (like all other anti-malware on my system) is updated every day). Potowall has extensive lists to block adware, spyware, hackers,keyloggers, trojans, worms, and much more. I do feel pretty safe, still there's no 100% safe on the net...
I did a scan and did find some adware though - not many but still lol
Anyway - it's busy with hackers and new malware again these days now Vista is out they all want to grab their chance :(